Cyber security is front of mind for Australian CEOs, with investment in cyber defence seen as a top priority, according to the latest Global CEO Outlook study from KPMG.
Four out of five Australian companies have made “high investment”’ in cyber over the past 12 months (80 percent vs 66 percent globally), and are also planning higher investment over the next three years. “Strengthening organisational resilience” against cyber-attacks is Australian CEOs' second highest priority for investment overall, with 71 percent of companies preparing to invest compared to 53 percent of CEOs globally. Nearly half (48 percent) said they are concerned about combatting cyber security “fatigue” within their organisations.
Despite this, Australian companies feel no more prepared than their global counterparts for a cyber-attack, with over half, 57 percent (and 57 percent globally) not fully prepared.
"It’s clear that Australian CEOs are awake to the threat represented by cyber-attacks, and are investing in defences accordingly. They’re more likely to admit they’re not where they need to be, and recognise that work needs to be done. In the current environment, following major high profile global and local attacks, this is a commendable approach," said Gordon Archibald, a partner in KPMG Australia's Cyber Security Services practice.
Australia’s attitude towards different types of cyber threats varies from global concerns, with more confidence amongst Australian CEOs in their preparation against social media issues or data theft, but less feeling fully ready for ransomware or DDOS attacks.
Source: KPMG 2017 Global CEO Outlook
|Percent fully prepared against||Australia||Global|
|Equipment/software attack||46 percent||50 percent|
|Employee-led data breach||44 percent||45 percent|
|Social media hacking||52 percent||42 percent|
|Business data theft||54 percent||47 percent|
|Customer data theft||52 percent||49 percent|
|Ransomware||31 percent||44 percent|
|DDOS attacks||31 percent||38 percent|
Australian CEOs are more likely than their global counterparts to see mitigating cyber risk as an embedded part of their leadership role (94 percent vs 72 percent globally), but less likely to see it as a disruptive growth opportunity (59 percent vs 71 percent).
However, Australian leaders are more likely to see security as prompting innovation in products and services (69 percent vs 53 percent globally). And they are more conscious that the impact of cyber security investment should be tracked, with 50 percent saying that companies "need to be smarter" in tracking, vs 42 percent globally.
Human capital is seen as the key challenge in tackling cyber security (for 65 percent of Australian firms vs 47 percent globally).
"It is very good to see Australian CEOs stepping up to take responsibility for cyber security. There’s definite recognition globally that investment and innovation in cyber security can encourage innovation across an organisation. But in Australia, even if cyber defences aren’t seen as leading to direct ROI, the investment still need to be justified,” Gordon Archibald said.
“The number one hurdle is finding qualified and experienced talent to both address the risks and grasp the opportunities, so it’s important that industry, government and academia continue to work together to foster the Australian cyber security sector.”
The survey covers 1,261 CEOs in 10 key markets (Australia, China, France, Germany, India, Italy, Japan, Spain, UK and US) and 11 key industry sectors (automotive, banking, infrastructure, insurance, investment management, life sciences, manufacturing, retail/consumer markets, technology, energy/utilities and telecom). A third of the companies surveyed have more than US$10B in annual revenue, with no responses from companies under US$500M. The survey was conducted between 21 February and 11 April 2017.
+61 411 020 680
KPMG is a global network of professional services firms providing Audit, Tax and Advisory services. We operate in 152 countries and have 189,000 people working in member firms around the world. The independent member firms of the KPMG network are affiliated with KPMG International Cooperative ("KPMG International"), a Swiss entity. Each KPMG firm is a legally distinct and separate entity and describes itself as such.